<?php
	$title='Fitness forum - post message';
	$description='Fitness forum post message';
	$keywords='fitness, muscles, training, supplements, diet, nutririon, forum';
?>
<?php include('fns_db_forum.php'); ?>
<?php include('forum_utils.php'); ?>
<?php include('../views/layouts/_header.php'); ?>
<?php include('../views/layouts/_left.php'); ?>

<?php
switch( @$_POST['Button'])
{
	case "Post Message":
	{
		if( $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] ) ) {
			// Encode any quote characters
			//$author = strip_tags($_POST['author']);
			$author = null;
			if ($_SESSION['auth'] == "yes"){
				$author = $_SESSION['logname'];
			}
			else{
				$author = 'Unregistered User';
			}

			//$body = htmlentities($_POST['body']);
			$messageBody = stripslashes( $_POST['FCKeditor1'] ) ;
			$subject = addslashes(htmlentities($_POST['subject']));

			$parentThread = create_new_thread($_POST['ftopicID'], $author, $subject);

			$result = add_new_message($parentThread, $author, $messageBody);
			if( $result == 0 ){
				#echo "Error: ".mysqli_error($cxn);
			}
			else
			{
				echo '<meta http-equiv="Refresh" content="2;';
				echo 'url=view_topic.php?topicID=';
				echo $_POST['ftopicID'] . '"/>';
				echo "<b>Your message has been posted. In a moment you
			will be automatically returned to the
			topic.</b>";
			}
		}else {
			// Insert your code for showing an error message here
			echo 'Sorry, you have provided an invalid security code';
		}
		break;
	}
	default:
	{
		$parentTopic = $_GET['topicID'];
		$result = get_name_for_topic($parentTopic);
		$topic = mysqli_fetch_assoc($result);
		$author = "";
		$subject = "";
		$body = "";
	}
	$ftopic = $topic['name'];
	$ftopicID = $parentTopic;
	include( "message_fields.php" );
	include( "message_form.php" );
	break;
}
?>

<?php include('../views/layouts/_footer.php'); ?>